JBOSS JMX/RMI monitoring through firewall - ports setup - rmi

There are two main initial steps to tick for this to work:
exposing RMI adding following properties to the JBOSS startup script
JAVA_OPTS="$JAVA_OPTS -Dcom.sun.management.jmxremote.port=9999
-Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false"
making RMI behave and be firewall friendly https://community.jboss.org/wiki/UsingJBossBehindAFirewall
My doubt is on .jmxremote.port being the same or a different port as
<attribute name="RmiPort">1098</attribute>

Below sets the RMI registry port, which is 1900 by default.
-Dcom.sun.management.jmxremote.port=12345
And below sets the random RMI port to a fixed port.
-Dcom.sun.management.jmxremote.rmi.port=12346
Tested on Java 8 and a Tomcat process and a Spring-Boot(tomcat embedded) process through a firewall.

Related

Shutdown remote naming service in Wildfly

I need to shutdown port 1099 in Wildfly 10.1. This port normally used for remote JNDI/RMI and in Wildfly 10.1, the remote naming system has a
[security vulnerability][1].
The straightforward solution will be to configure a firewall to not allow traffic on 1099 port, but this is not acceptable by our client. I thought it possible to configure WF to not use remote JNDI/RMI but can't figure out how to configure it.
The JBoss documentation on Remote JNDI Interface says that you can deactivate the remote JNDI interface by executing the following command via CLI interface:
/subsystem=naming/service=remote-naming:remove
and it seems really stopping the service, but once you do server 'reload' the Wildfly resumes connection on the port 1099.

Why JBoss Wildfly server can't use 9999 as its manage port?

If I changed manage port to 9999 for Wildfly 10, then I can't use jboss-cli.bat/sh to stop this server. Is there some restrict of using 9999
In Wildfly 10 management console and CLI uses same port for communication i.e 9990. This is done to reduce the number of ports opened by server instance. If you want to use 9999 port for CLI then you need to define this port in socket-binding and use 'remote' protocol to connect like "jboss-cli.sh -c --controller=remote://localhost:9999"
Per default 9999 is associated with the remote protocol so the CLI will use remote instead of http-remoting which is the default protocol. Use "jboss-cli.sh -c --controller=http-remoting://localhost:9999"

jBoss 6 (may be 7, 4 and 6 too) Cluster in a single laptop

I need to test some cluster oriented developments. Unfortunately I have just my laptop and no other PCs at hand.
I there a concrete way to setup a jBoss 6 cluster within my laptop with a single IP address?
Thanks in advance for the help.
The only problem with running two JBoss servers on one IP address is that they are set to bind to the same ports. So there are two ways how to resolve this problem.
1: Just say JBoss server to use another set of ports. You can set it when starting server.
./run.sh -Djboss.service.binding.set=ports-01
It means that all ports will be higher by 100, so for example admin console won't be on port 8080 but on 8180. Default value is ports-default and others are ports-01, ports-02 etc.
2: The second possibility is to create another virtual IP address, and bind servers to different addresses.
./run.sh -b 192.168.1.2
./run.sh -b 192.168.1.3
Also don't forget to set properly jboss.messaging.ServerPeerID parameter. So commands it will be:
./run.sh -Djboss.messaging.ServerPeerID=1
./run.sh -Djboss.service.binding.set=ports-01 -Djboss.messaging.ServerPeerID=2
or
./run.sh -b 192.168.1.2 -Djboss.messaging.ServerPeerID=1
./run.sh -b 192.168.1.3 -Djboss.messaging.ServerPeerID=2
In the same way you can configure JBoss AS5, but JBoss AS7 configuration is completely different.
I wrost case you have to use a virtual pc like VirtualBox or VMware.
This article explains how to setup a Torquebox (specialized JBoss to jruby) cluster in one machine and has info on how to create the virtual ips. Hope it helps.

Can't run a Servlet with Tomcat because something is using the ports

I'm trying to write a Servlet in eclipse configured to use Tomcat 5.5 and I get the following error when I try to run it:
Several ports (8080, 8009) required by Tomcat v5.5 Server at localhost are already in use. The server may already be running in another process, or a system process may be using the port. To start this server you will need to stop the other process or change the port number(s)
As far as I know, Tomcat 5.5 is the one using port 8080, and when I go to http://localhost:8080 I do get the Tomcat success page, so it looks like eclipse tries to run another instance of Tomcat without shutting down the original and fails. How do I solve this?
like it says, something is using the port.
there are two solutions for your problem.
identify (on windows with netstat command) what is using the port (e.g. skype, ...) and stop it
change the port of your tomcat runtime in eclipse -> http://techteam.wordpress.com/2009/02/13/changing-the-tomcat-port-settings-in-eclipse/
hope this helps

Run jsp in eclipse on specific port and ssl

I have used Eclipse 3.4 to create a Dynamic Web Project. I have also configured my server to use port 8443 with ssl. If I start my server I can access my test.jsp by going to it's address
https://localhost:8443/TestContext/test.jsp
In eclipse, I have installed this server and added my project to the server. If I Run test.jsp it always launches as
http://localhost:8080/TestContext/test.jsp
My question is: How can I set up eclipse to run this on https://localhost:8443/ rather than the default 8080? Thanks in advance.
You should have a project called "Servers". There your tomcat should have its folder - for example "Tomcat 6.0.20 at localhost-config". There is server.xml there, in which you can enable SSL.
When you enable the SSL, the server accepts requests on port 8443 as well as on 8080. The server is not run on a port - it accepts connections on multiple ports. So just type https://localhost:8443/